package org.argeo.osgi.useradmin;
-import static org.argeo.naming.LdapAttrs.objectClass;
+import static org.argeo.util.naming.LdapAttrs.objectClass;
import java.util.ArrayList;
import java.util.Dictionary;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.LdapName;
+import org.argeo.util.naming.LdapObjs;
import org.osgi.framework.Filter;
import org.osgi.service.useradmin.Role;
import org.osgi.service.useradmin.User;
if (attrs.size() == 0)
return null;
int roleType = roleType(name);
- LdifUser res;
+ DirectoryUser res;
if (roleType == Role.GROUP)
- res = new LdifGroup(this, name, attrs);
+ res = newGroup(name, attrs);
else if (roleType == Role.USER)
- res = new LdifUser(this, name, attrs);
+ res = newUser(name, attrs);
else
- throw new UserDirectoryException("Unsupported LDAP type for " + name);
+ throw new IllegalArgumentException("Unsupported LDAP type for " + name);
return res;
} catch (NameNotFoundException e) {
throw e;
}
@Override
- protected List<DirectoryUser> doGetRoles(Filter f) {
+ protected List<DirectoryUser> doGetRoles(LdapName searchBase, Filter f, boolean deep) {
ArrayList<DirectoryUser> res = new ArrayList<DirectoryUser>();
try {
String searchFilter = f != null ? f.toString()
: "(|(" + objectClass + "=" + getUserObjectClass() + ")(" + objectClass + "="
+ getGroupObjectClass() + "))";
SearchControls searchControls = new SearchControls();
- searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE);
+ // FIXME make one level consistent with deep
+ searchControls.setSearchScope(deep ? SearchControls.SUBTREE_SCOPE : SearchControls.ONELEVEL_SCOPE);
- LdapName searchBase = getBaseDn();
+ // LdapName searchBase = getBaseDn();
NamingEnumeration<SearchResult> results = ldapConnection.search(searchBase, searchFilter, searchControls);
results: while (results.hasMoreElements()) {
Attributes attrs = searchResult.getAttributes();
Attribute objectClassAttr = attrs.get(objectClass.name());
LdapName dn = toDn(searchBase, searchResult);
- LdifUser role;
+ DirectoryUser role;
if (objectClassAttr.contains(getGroupObjectClass())
|| objectClassAttr.contains(getGroupObjectClass().toLowerCase()))
- role = new LdifGroup(this, dn, attrs);
+ role = newGroup(dn, attrs);
else if (objectClassAttr.contains(getUserObjectClass())
|| objectClassAttr.contains(getUserObjectClass().toLowerCase()))
- role = new LdifUser(this, dn, attrs);
+ role = newUser(dn, attrs);
else {
// log.warn("Unsupported LDAP type for " + searchResult.getName());
continue results;
// ignore (typically an unsupported anonymous bind)
// TODO better logging
return res;
- } catch (Exception e) {
- e.printStackTrace();
- throw new UserDirectoryException("Cannot get roles for filter " + f, e);
+ } catch (NamingException e) {
+ throw new IllegalStateException("Cannot get roles for filter " + f, e);
}
}
directGroups.add(toDn(searchBase, searchResult));
}
return directGroups;
- } catch (Exception e) {
- throw new UserDirectoryException("Cannot populate direct members of " + dn, e);
+ } catch (NamingException e) {
+ throw new IllegalStateException("Cannot populate direct members of " + dn, e);
}
}
@Override
- protected void prepare(UserDirectoryWorkingCopy wc) {
+ public void prepare(DirectoryUserWorkingCopy wc) {
try {
ldapConnection.prepareChanges(wc);
} catch (NamingException e) {
- throw new UserDirectoryException("Cannot prepare LDAP", e);
+ throw new IllegalStateException("Cannot prepare LDAP", e);
}
}
@Override
- protected void commit(UserDirectoryWorkingCopy wc) {
+ public void commit(DirectoryUserWorkingCopy wc) {
try {
ldapConnection.commitChanges(wc);
} catch (NamingException e) {
- throw new UserDirectoryException("Cannot commit LDAP", e);
+ throw new IllegalStateException("Cannot commit LDAP", e);
}
}
@Override
- protected void rollback(UserDirectoryWorkingCopy wc) {
+ public void rollback(DirectoryUserWorkingCopy wc) {
// prepare not impacting
}
+ /*
+ * HIERARCHY
+ */
+
+ @Override
+ protected Iterable<HierarchyUnit> doGetDirectHierarchyUnits(LdapName searchBase, boolean functionalOnly) {
+ List<HierarchyUnit> res = new ArrayList<>();
+ try {
+ String searchFilter = "(|(" + objectClass + "=" + LdapObjs.organizationalUnit.name() + ")(" + objectClass
+ + "=" + LdapObjs.organization.name() + "))";
+
+ SearchControls searchControls = new SearchControls();
+ searchControls.setSearchScope(SearchControls.ONELEVEL_SCOPE);
+
+ NamingEnumeration<SearchResult> results = ldapConnection.search(searchBase, searchFilter, searchControls);
+
+ while (results.hasMoreElements()) {
+ SearchResult searchResult = (SearchResult) results.nextElement();
+ LdapName dn = toDn(searchBase, searchResult);
+ Attributes attrs = searchResult.getAttributes();
+ LdifHierarchyUnit hierarchyUnit = new LdifHierarchyUnit(this, dn, attrs);
+ if (functionalOnly) {
+ if (hierarchyUnit.isFunctional())
+ res.add(hierarchyUnit);
+ } else {
+ res.add(hierarchyUnit);
+ }
+ }
+ return res;
+ } catch (NamingException e) {
+ throw new IllegalStateException("Cannot get direct hierarchy units ", e);
+ }
+ }
+
+ @Override
+ protected HierarchyUnit doGetHierarchyUnit(LdapName dn) {
+ try {
+ Attributes attrs = ldapConnection.getAttributes(dn);
+ return new LdifHierarchyUnit(this, dn, attrs);
+ } catch (NamingException e) {
+ throw new IllegalStateException("Cannot get hierarchy unit " + dn, e);
+ }
+ }
+
}